infisical

The open-source secret management platform: Sync secrets/configs across your team/infrastructure and prevent secret leaks.

Slack | Infisical Cloud | Self-Hosting | Docs | Website | Hiring (Remote/SF)

Deploy to DO

Infisical is released under the MIT license. PRs welcome! git commit activity Cloudsmith downloads Slack community channel Infisical Twitter

Dashboard ## Introduction **[Infisical](https://infisical.com)** is the open source secret management platform that teams use to centralize their secrets like API keys, database credentials, and configurations. We're on a mission to make secret management more accessible to everyone, not just security teams, and that means redesigning the entire developer experience from ground up. ## Features - **[User-friendly dashboard](https://infisical.com/docs/documentation/platform/project)** to manage secrets across projects and environments (e.g. development, production, etc.). - **[Client SDKs](https://infisical.com/docs/sdks/overview)** to fetch secrets for your apps and infrastructure on demand. - **[Infisical CLI](https://infisical.com/docs/cli/overview)** to fetch and inject secrets into any framework in local development and CI/CD. - **[Infisical API](https://infisical.com/docs/api-reference/overview/introduction)** to perform CRUD operation on secrets, users, projects, and any other resource in Infisical. - **[Native integrations](https://infisical.com/docs/integrations/overview)** with platforms like [GitHub](https://infisical.com/docs/integrations/cicd/githubactions), [Vercel](https://infisical.com/docs/integrations/cloud/vercel), [AWS](https://infisical.com/docs/integrations/cloud/aws-secret-manager), and tools like [Terraform](https://infisical.com/docs/integrations/frameworks/terraform), [Ansible](https://infisical.com/docs/integrations/platforms/ansible), and more. - **[Infisical Kubernetes operator](https://infisical.com/docs/documentation/getting-started/kubernetes)** to managed secrets in k8s, automatically reload deployments, and more. - **[Infisical Agent](https://infisical.com/docs/infisical-agent/overview)** to inject secrets into your applications without modifying any code logic. - **[Self-hosting and on-prem](https://infisical.com/docs/self-hosting/overview)** to get complete control over your data. - **[Secret versioning](https://infisical.com/docs/documentation/platform/secret-versioning)** and **[Point-in-Time Recovery](https://infisical.com/docs/documentation/platform/pit-recovery)** to version every secret and project state. - **[Audit logs](https://infisical.com/docs/documentation/platform/audit-logs)** to record every action taken in a project. - **[Role-based Access Controls](https://infisical.com/docs/documentation/platform/role-based-access-controls)** to create permission sets on any resource in Infisica and assign those to user or machine identities. - **[Simple on-premise deployments](https://infisical.com/docs/self-hosting/overview)** to AWS, Digital Ocean, and more. - **[Secret Scanning and Leak Prevention](https://infisical.com/docs/cli/scanning-overview)** to prevent secrets from leaking to git. And much more. ## Getting started Check out the [Quickstart Guides](https://infisical.com/docs/getting-started/introduction) | Use Infisical Cloud | Deploy Infisical on premise | | ------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | The fastest and most reliable way to
get started with Infisical is signing up
for free to [Infisical Cloud](https://app.infisical.com/login). |
View all [deployment options](https://infisical.com/docs/self-hosting/overview) | ### Run Infisical locally To set up and run Infisical locally, make sure you have Git and Docker installed on your system. Then run the command for your system: Linux/macOS: ```console git clone https://github.com/Infisical/infisical && cd "$(basename $_ .git)" && cp .env.example .env && docker-compose -f docker-compose.prod.yml up ``` Windows Command Prompt: ```console git clone https://github.com/Infisical/infisical && cd infisical && copy .env.example .env && docker-compose -f docker-compose.prod.yml up ``` Create an account at `http://localhost:80` ### Scan and prevent secret leaks On top managing secrets with Infisical, you can also [scan for over 140+ secret types]() in your files, directories and git repositories. To scan your full git history, run: ``` infisical scan --verbose ``` Install pre commit hook to scan each commit before you push to your repository ``` infisical scan install --pre-commit-hook ``` Lean about Infisical's code scanning feature [here](https://infisical.com/docs/cli/scanning-overview) ## Open-source vs. paid This repo available under the [MIT expat license](https://github.com/Infisical/infisical/blob/main/LICENSE), with the exception of the `ee` directory which will contain premium enterprise features requiring a Infisical license. If you are interested in managed Infisical Cloud of self-hosted Enterprise Offering, take a look at [our website](https://infisical.com/) or [book a meeting with us](https://infisical.cal.com/vlad/infisical-demo): Schedule a meeting ## Security Please do not file GitHub issues or post on our public forum for security vulnerabilities, as they are public! Infisical takes security issues very seriously. If you have any concerns about Infisical or believe you have uncovered a vulnerability, please get in touch via the e-mail address security@infisical.com. In the message, try to provide a description of the issue and ideally a way of reproducing it. The security team will get back to you as soon as possible. Note that this security address should be used only for undisclosed vulnerabilities. Please report any security problems to us before disclosing it publicly. ## Contributing Whether it's big or small, we love contributions. Check out our guide to see how to [get started](https://infisical.com/docs/contributing/getting-started). Not sure where to get started? You can: - Join our Slack, and ask us any questions there. - Join our [community calls](https://us06web.zoom.us/j/82623506356) every Wednesday at 11am EST to ask any questions, provide feedback, hangout and more. ## Resources - [Docs](https://infisical.com/docs/documentation/getting-started/introduction) for comprehensive documentation and guides - [Slack](https://infisical.com/slack) for discussion with the community and Infisical team. - [GitHub](https://github.com/Infisical/infisical) for code, issues, and pull requests - [Twitter](https://twitter.com/infisical) for fast news - [YouTube](https://www.youtube.com/@infisical_os) for videos on secret management - [Blog](https://infisical.com/blog) for secret management insights, articles, tutorials, and updates - [Roadmap](https://www.notion.so/infisical/be2d2585a6694e40889b03aef96ea36b?v=5b19a8127d1a4060b54769567a8785fa) for planned features ## Acknowledgements [//]: contributor-faces